Mozno virus

vladko3007 · Napísal **vladko3007**: 30.12.2008 17:12

Prosim vas mam problem dal som aktualizovat windows a od vtedy mi strasne dlho nacitava osobne nastavenia a ked ich niekedy nacita tak mi nenaskocia ikony musim reštrtovat pc.

Dakujem za pomoc,som zaciatocnik tak troska berte ohlad

Kosak · Napísal **Kosak**: 30.12.2008 22:46

Ahoj, pošli log z UPM.

vladko3007 · Napísal autor témy **vladko3007**: 31.12.2008 13:03

Urobil som toto

ComboFix 08-12-30.02 - admin 2008-12-31 11:53:57.4 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.3326.2803 [GMT 1:00]
Running from: d:\auta\ComboFix.exe
Command switches used :: c:\documents and settings\admin\Desktop\CFScript.txt
AV: Panda Antivirus 2008 *On-access scanning disabled* (Outdated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_NTPROCDRV

((((((((((((((((((((((((( Files Created from 2008-11-28 to 2008-12-31 )))))))))))))))))))))))))))))))
.

2008-12-30 23:42 . 2008-12-30 23:42 <DIR> d-------- c:\documents and settings\admin\Application Data\XnView
2008-12-30 21:41 . 2008-12-30 23:23 862,240 --ahs---- c:\windows\system32\drivers\fidbox.dat
2008-12-30 21:41 . 2008-12-30 23:23 12,224 --ahs---- c:\windows\system32\drivers\fidbox.idx
2008-12-30 21:24 . 2008-12-30 21:30 <DIR> d-------- C:\Combo-Fix
2008-12-30 11:59 . 2008-12-30 11:59 <DIR> d-------- c:\windows\system32\ageia
2008-12-30 11:59 . 2008-12-30 11:59 <DIR> d-------- c:\program files\AGEIA Technologies
2008-12-29 20:44 . 2008-12-29 20:47 <DIR> d-------- c:\documents and settings\admin\Application Data\Thinstall
2008-12-29 20:42 . 2008-12-29 20:45 351 --a------ c:\windows\WINCMD.INI
2008-12-29 16:34 . 2008-12-29 16:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\Ubisoft
2008-12-29 16:34 . 2008-12-29 16:34 <DIR> d-------- c:\documents and settings\All Users\Application Data\InstallShield
2008-12-29 11:42 . 2008-12-29 11:42 <DIR> d-------- c:\program files\Common Files\Panda Software
2008-12-29 11:42 . 2008-12-29 11:40 178,872 --a------ c:\windows\system32\drivers\PavProc.sys
2008-12-29 11:42 . 2008-12-29 11:40 38,968 --a------ c:\windows\system32\drivers\ShlDrv51.sys
2008-12-29 11:36 . 2008-12-29 11:36 <DIR> d-------- c:\documents and settings\All Users\Application Data\sentinel
2008-12-29 11:35 . 2008-12-30 20:22 <DIR> d-------- c:\windows\system32\PAV
2008-12-29 11:35 . 2007-09-28 13:24 83,896 --a------ c:\windows\system32\drivers\pavdrv51.sys
2008-12-29 11:35 . 2007-03-15 18:38 54,832 --a------ c:\windows\system32\pavcpl.cpl
2008-12-29 11:35 . 2007-02-15 20:02 50,736 --a------ c:\windows\system32\avldr.dll
2008-12-29 11:35 . 2008-12-29 11:35 248 --a------ c:\windows\system32\PavCPL.dat
2008-12-29 00:35 . 2008-12-29 00:35 <DIR> d-------- c:\program files\Windows Media Connect 2
2008-12-29 00:29 . 2008-12-29 00:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\Office Genuine Advantage
2008-12-29 00:28 . 2008-12-29 00:28 <DIR> d-------- c:\documents and settings\admin\Application Data\HateML
2008-12-28 23:43 . 2008-12-28 23:43 <DIR> d-------- c:\program files\MSXML 4.0
2008-12-28 23:33 . 2008-12-12 18:01 3,067,904 -----c--- c:\windows\system32\dllcache\mshtml.dll
2008-12-28 23:33 . 2008-10-16 02:00 1,499,136 -----c--- c:\windows\system32\dllcache\shdocvw.dll
2008-12-28 23:33 . 2008-10-16 02:00 666,112 -----c--- c:\windows\system32\dllcache\wininet.dll
2008-12-28 23:33 . 2008-10-16 02:00 619,520 -----c--- c:\windows\system32\dllcache\urlmon.dll
2008-12-28 23:32 . 2008-08-14 11:11 2,189,184 --a--c--- c:\windows\system32\dllcache\ntoskrnl.exe
2008-12-28 23:32 . 2008-08-14 10:33 2,066,048 -----c--- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-12-28 23:32 . 2008-08-14 10:33 2,023,936 -----c--- c:\windows\system32\dllcache\ntkrpamp.exe
2008-12-28 23:32 . 2008-09-15 13:12 1,846,400 -----c--- c:\windows\system32\dllcache\win32k.sys
2008-12-28 23:32 . 2008-09-04 18:15 1,106,944 -----c--- c:\windows\system32\dllcache\msxml3.dll
2008-12-28 23:32 . 2008-10-24 12:21 455,296 -----c--- c:\windows\system32\dllcache\mrxsmb.sys
2008-12-28 23:32 . 2008-09-08 11:41 333,824 -----c--- c:\windows\system32\dllcache\srv.sys
2008-12-28 23:32 . 2008-08-14 11:04 138,496 -----c--- c:\windows\system32\dllcache\afd.sys
2008-12-28 23:31 . 2008-05-01 15:33 331,776 -----c--- c:\windows\system32\dllcache\msadce.dll
2008-12-28 23:30 . 2008-04-11 20:04 691,712 -----c--- c:\windows\system32\dllcache\inetcomm.dll
2008-12-28 23:30 . 2008-06-13 12:05 272,128 -----c--- c:\windows\system32\dllcache\bthport.sys
2008-12-28 23:30 . 2008-05-08 15:02 203,136 -----c--- c:\windows\system32\dllcache\rmcast.sys
2008-12-28 21:14 . 2008-12-28 21:14 <DIR> d-------- c:\program files\Eidos
2008-12-27 19:58 . 2008-12-27 21:37 49 --a------ c:\windows\transp.gif
2008-12-27 19:47 . 2008-12-27 19:47 666,624 --a------ c:\windows\is-04TCV.exe
2008-12-27 19:47 . 2008-12-27 19:47 10,884 --a------ c:\windows\is-04TCV.msg
2008-12-27 19:47 . 2008-12-27 19:47 325 --a------ c:\windows\is-04TCV.lst
2008-12-26 23:58 . 2008-12-26 23:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-26 23:58 . 2008-12-26 23:58 <DIR> d-------- c:\documents and settings\admin\Application Data\Malwarebytes
2008-12-26 23:58 . 2008-12-03 19:52 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-12-26 23:58 . 2008-12-03 19:52 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-12-26 21:54 . 2008-12-26 21:54 <DIR> d-------- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-26 21:54 . 2008-12-26 21:54 <DIR> d-------- c:\documents and settings\admin\Application Data\SUPERAntiSpyware.com
2008-12-26 21:53 . 2008-12-26 21:53 <DIR> d-------- c:\program files\Common Files\Wise Installation Wizard
2008-12-26 09:18 . 2008-12-26 09:18 <DIR> d-------- c:\documents and settings\admin\Application Data\Vso
2008-12-26 00:25 . 2008-12-26 00:29 262,144 --a------ c:\windows\system32\wrap_oal.dll
2008-12-26 00:25 . 2008-12-26 00:29 86,016 --a------ c:\windows\system32\OpenAL32.dll
2008-12-26 00:24 . 2008-12-26 00:24 <DIR> d-------- c:\windows\system32\Futuremark
2008-12-26 00:24 . 2007-09-07 14:55 27,672 --a------ c:\windows\system32\drivers\Entech.sys
2008-12-26 00:24 . 2007-09-07 14:55 12,744 --a------ c:\windows\system32\drivers\Entech64.sys
2008-12-26 00:24 . 2007-09-07 14:55 6,173 --a------ c:\windows\system32\drivers\Entech.vxd
2008-12-26 00:24 . 2001-11-19 20:05 3,972 --a------ c:\windows\system32\drivers\PciBus.sys
2008-12-25 23:58 . 2008-12-25 23:58 92 --a------ c:\windows\ProductKeyExplorer.INI
2008-12-25 20:08 . 2008-12-25 20:08 <DIR> d-------- c:\documents and settings\datart\Dokumenty
2008-12-25 20:08 . 2008-12-25 20:08 <DIR> d-------- c:\documents and settings\datart
2008-12-23 00:01 . 2008-12-23 00:01 <DIR> d-------- c:\documents and settings\All Users\Application Data\FLEXnet
2008-12-22 23:59 . 2008-12-22 23:59 <DIR> d-------- c:\program files\Bonjour
2008-12-22 23:53 . 2008-12-22 23:53 <DIR> d-------- c:\program files\Common Files\Macrovision Shared
2008-12-22 23:46 . 2008-12-22 23:46 <DIR> d--h----- c:\windows\PIF
2008-12-22 10:47 . 2008-12-22 10:48 <DIR> d-------- c:\documents and settings\All Users\Application Data\Vivendi Universal Games
2008-12-22 10:47 . 2008-12-22 10:47 <DIR> d-------- c:\documents and settings\All Users\Application Data\Barbie Fashion Show
2008-12-21 22:44 . 2008-04-14 14:42 221,184 --a------ c:\windows\system32\wmpns.dll
2008-12-21 22:44 . 2008-12-21 22:44 177 --a------ C:\desktop.ini
2008-12-21 21:54 . 2008-12-21 21:54 <DIR> d-------- c:\documents and settings\admin\Application Data\Skinux
2008-12-21 21:53 . 2008-12-21 21:53 <DIR> d-------- c:\program files\The Skins Factory
2008-12-21 21:51 . 2003-12-13 00:40 202,763 --a--c--- c:\windows\system32\dllcache\uxtheme.dll
2008-12-21 19:40 . 2008-12-20 04:05 211 --ahs---- C:\BOOT.BKK
2008-12-21 19:37 . 2008-12-21 19:37 <DIR> d-------- c:\program files\TGTSoft
2008-12-21 19:12 . 2006-04-10 14:03 38,400 --a------ c:\windows\system32\hpz3l054.dll
2008-12-21 19:11 . 2008-12-21 19:11 <DIR> d-------- c:\documents and settings\admin\Application Data\HP
2008-12-21 19:11 . 2008-04-14 00:15 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2008-12-21 19:11 . 2008-04-14 00:15 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2008-12-21 19:08 . 2008-12-21 19:08 <DIR> d-------- c:\documents and settings\All Users\Application Data\HP
2008-12-21 19:05 . 2008-12-21 19:05 <DIR> d-------- c:\program files\Common Files\Sonic Shared
2008-12-21 19:05 . 2008-12-21 19:05 <DIR> d-------- c:\documents and settings\All Users\Application Data\Sonic
2008-12-21 19:03 . 2008-12-21 19:03 <DIR> d-------- c:\windows\system32\URTTEMP
2008-12-21 19:03 . 2008-12-21 19:05 <DIR> d-------- c:\program files\Common Files\HP
2008-12-21 19:01 . 2008-12-21 19:01 <DIR> d-------- c:\program files\Hewlett-Packard
2008-12-21 19:01 . 2008-12-21 19:01 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
2008-12-21 18:58 . 1998-10-29 16:45 306,688 --a------ c:\windows\IsUninst.exe
2008-12-21 18:58 . 2006-03-03 21:03 282,680 --a------ c:\windows\system32\HPZidr12.dll
2008-12-21 18:58 . 2006-03-03 21:02 204,800 --a------ c:\windows\system32\HPZipr12.dll
2008-12-21 18:58 . 2006-03-03 21:02 94,208 --a------ c:\windows\system32\HPZipt12.dll
2008-12-21 18:58 . 2006-03-03 21:03 69,632 --a------ c:\windows\system32\HPZipm12.exe
2008-12-21 18:58 . 2006-03-03 21:03 65,536 --a------ c:\windows\system32\HPZinw12.exe
2008-12-21 18:58 . 2006-03-03 21:02 57,344 --a------ c:\windows\system32\HPZisn12.dll
2008-12-21 18:56 . 2008-12-21 18:56 <DIR> d-------- c:\program files\HP
2008-12-21 18:56 . 2008-04-14 00:17 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2008-12-21 18:56 . 2008-04-14 00:17 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2008-12-21 18:54 . 2008-12-21 19:12 117,423 --a------ c:\windows\hpoins11.dat
2008-12-21 18:50 . 2008-12-21 18:50 <DIR> d-------- c:\program files\Common Files\snp2std
2008-12-21 18:50 . 2006-06-07 10:34 10,305,280 --a------ c:\windows\system32\drivers\snp2sxp.sys
2008-12-21 18:50 . 2006-05-15 15:52 675,840 --a------ c:\windows\vsnp2std.exe
2008-12-21 18:50 . 2005-01-26 15:45 349,472 --a------ c:\windows\WindowsXP-KB822603-x86.exe
2008-12-21 18:50 . 2006-05-22 10:37 262,144 --a------ c:\windows\tsnp2std.exe
2008-12-21 18:50 . 2006-04-07 10:33 147,456 --a------ c:\windows\rsnp2std.dll
2008-12-21 18:50 . 2004-08-09 17:43 94,208 --a------ c:\windows\amcap.exe
2008-12-21 18:50 . 2006-05-04 11:14 61,440 --a------ c:\windows\vsnp2std.dll
2008-12-21 18:50 . 2005-11-23 13:55 53,248 --a------ c:\windows\system32\csnp2std.dll
2008-12-21 18:50 . 2006-04-27 20:43 24,832 --a------ c:\windows\system32\drivers\sncamd.sys
2008-12-21 18:50 . 2006-06-01 11:26 20,480 --a------ c:\windows\FixCamera.exe
2008-12-21 18:50 . 2004-12-09 17:23 15,497 --a------ c:\windows\snp2std.ini
2008-12-21 18:50 . 2004-12-09 17:23 13,022 --a------ c:\windows\snp2std.src
2008-12-21 13:45 . 2008-07-12 08:18 3,851,784 --a------ c:\windows\system32\D3DX9_39.dll
2008-12-21 13:45 . 2008-07-12 08:18 1,493,528 --a------ c:\windows\system32\D3DCompiler_39.dll
2008-12-21 13:45 . 2008-07-31 10:40 509,448 --a------ c:\windows\system32\XAudio2_2.dll
2008-12-21 13:45 . 2008-07-12 08:18 467,984 --a------ c:\windows\system32\d3dx10_39.dll
2008-12-21 13:45 . 2008-07-31 10:41 238,088 --a------ c:\windows\system32\xactengine3_2.dll
2008-12-21 13:45 . 2008-07-31 10:41 68,616 --a------ c:\windows\system32\XAPOFX1_1.dll
2008-12-21 09:28 . 2008-12-28 23:45 <DIR> d--h----- c:\windows\$hf_mig$
2008-12-21 09:26 . 2008-12-21 09:26 <DIR> d---s---- c:\documents and settings\admin\UserData
2008-12-21 09:16 . 2008-12-21 09:16 <DIR> d-------- C:\OpenSSL
2008-12-21 09:16 . 2008-12-21 09:16 155,648 --a------ c:\windows\system32\libssl32.dll
2008-12-21 05:48 . 2008-12-21 05:48 1,700,352 --a------ c:\windows\system32\gdiplus.dll
2008-12-21 05:48 . 2008-12-21 05:48 1,060,864 --a------ c:\windows\system32\mfc71.dll
2008-12-21 05:48 . 2008-12-21 05:48 348,160 --a------ c:\windows\system32\Msvcr71.dll
2008-12-21 05:24 . 2008-12-30 12:02 98,304 --a------ c:\windows\system32\CmdLineExt.dll
2008-12-21 05:22 . 2008-12-21 05:22 <DIR> d-------- c:\windows\system32\xlive

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-31 10:56 16,608 ----a-w c:\windows\gdrv.sys
2008-12-30 10:55 --------- d--h--w c:\program files\InstallShield Installation Information
2008-12-29 15:23 --------- d-----w c:\program files\Common Files\InstallShield
2008-12-20 03:30 --------- d-----w c:\program files\Intel
2008-12-20 03:29 --------- d-----w c:\program files\GIGABYTE
2008-12-20 03:29 --------- d-----w c:\program files\Browser Configuration Utility
2008-12-20 03:10 --------- d-----w c:\program files\microsoft frontpage
.

((((((((((((((((((((((((((((( snapshot@2008-12-30_19.54.49.87 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-12-31 10:57:03 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_78c.dat
- 2008-12-30 18:54:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7a4.dat
+ 2008-12-31 10:56:58 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_7a4.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{0063BF63-BFFF-4B8F-9D26-4267DF7F17DD}"= "c:\windows\system32\dvmurl.dll" [2008-05-03 146528]

[HKEY_CLASSES_ROOT\clsid\{0063bf63-bfff-4b8f-9d26-4267df7f17dd}]
[HKEY_CLASSES_ROOT\dvmurl.DvmIEGoogleSearch]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="d:\program files\DAEMON Tools Lite\daemon.exe" [2008-07-24 490952]
"Skype"="d:\program files\Skype\Phone\Skype.exe" [2008-11-07 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APVXDWIN"="d:\program files\Panda Security\Panda Antivirus 2008\APVXDWIN.EXE" [2007-10-04 455984]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-03 13529088]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
"NoFileAssociate"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "d:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-03 14:56 352256 d:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
2007-02-15 20:02 50736 c:\windows\system32\avldr.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Games\\Rockstar Games\\Rockstar Games Social Club\\RGSCLauncher.exe"=
"d:\\Games\\Rockstar Games\\Grand Theft Auto IV\\LaunchGTAIV.exe"=
"d:\\Games\\Rockstar Games\\Grand Theft Auto IV\\GTAIV.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"d:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"d:\\Games\\Midway Home Entertainment\\Stranglehold\\Binaries\\Retail-Stranglehold.exe"=
"d:\\Games\\Ubisoft\\Ghost Recon Advanced Warfighter\\GRAW.exe"=
"d:\\Program Files\\Skype\\Phone\\Skype.exe"=

R1 SASDIFSV;SASDIFSV;\??\d:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-12-04 8944]
R1 SASKUTIL;SASKUTIL;\??\d:\program files\SUPERAntiSpyware\SASKUTIL.sys [2008-12-04 55024]
R1 ShldDrv;Panda File Shield Driver;c:\windows\system32\DRIVERS\ShlDrv51.sys [2008-12-29 38968]
R2 GEST Service;GEST Service for program management.;"c:\program files\GIGABYTE\EnergySaver\GSvr.exe" [2008-12-20 80392]
R2 HdThemeEnabler;Hyperdesk Theme Enabler;"c:\windows\HDThemeEnabler.exe" -service [2008-07-01 102400]
R2 MBAMService;MBAMService;"d:\program files\Malwarebytes' Anti-Malware\mbamservice.exe" [2008-12-26 170640]
R2 PavProc;Panda Process Protection Driver;\??\c:\windows\system32\DRIVERS\PavProc.sys [2008-12-29 178872]
R3 LVHybrid;LVHybrid service;c:\windows\system32\DRIVERS\LVHybrid.sys [2006-05-16 892032]
R3 MBAMProtector;MBAMProtector;\??\c:\windows\system32\drivers\mbam.sys [2008-12-26 15504]
R3 PSched;QoS Packet Scheduler;c:\windows\system32\DRIVERS\psched.sys [2004-08-03 69120]
S3 SASENUM;SASENUM;\??\d:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-12-04 7408]
S3 SetupNTGLM7X;SetupNTGLM7X;\??\E:\NTGLM7X.sys []

*Newly Created Service* - NTPROCDRV
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xportovať do programu Microsoft Excel - d:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
LSP: d:\program files\Panda Security\Panda Antivirus 2008\pavlsp.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-31 11:57:18
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-839522115-287218729-2147104195-1003\Software\Microsoft\Internet Explorer\MenuExt\E*NULL*&*NULL*x*NULL*p*NULL*o*NULL*r*NULL*t*NULL*o*NULL*v*NULL*a*NULL*e *NULL*d*NULL*o*NULL* *NULL*p*NULL*r*NULL*o*NULL*g*NULL*r*NULL*a*NULL*m*NULL*u*NULL* *NULL*M*NULL*i*NULL*c*NULL*r*NULL*o*NULL*s*NULL*o*NULL*f*NULL*t*NULL* *NULL*E*NULL*x*NULL*c*NULL*e*NULL*l*NULL*]
@Security="Inherited"
@="res://d:\\PROGRA~1\\MICROS~1\\OFFICE11\\EXCEL.EXE/3000"
"Contexts"=dword:00000001

[HKEY_USERS\S-1-5-21-839522115-287218729-2147104195-1003\Software\Microsoft\Office\11.0\Common\Open Find\Microsoft Office Word\Settings\U*NULL*l*NULL*o*NULL*~i*NULL*e *NULL*a*NULL*k*NULL*o*NULL*]
@Security="Inherited"
"PositionInfo-Monitor1"=hex:57,01,00,00,3c,01,00,00,00,00,00,00,00,00,00,00

[HKEY_USERS\S-1-5-21-839522115-287218729-2147104195-1003\Software\Microsoft\Office\11.0\Common\Open Find\Microsoft Office Word\Settings\U*NULL*l*NULL*o*NULL*~i*NULL*e *NULL*a*NULL*k*NULL*o*NULL*\File Name MRU]
@Security="Inherited"
"Value"=multi:"instalacia\00\00"
"Maximum Entries"=dword:0000000a

[HKEY_USERS\S-1-5-21-839522115-287218729-2147104195-1003\Software\Microsoft\Office\11.0\Common\Open Find\Microsoft Office Word\Settings\U*NULL*l*NULL*o*NULL*~i*NULL*e *NULL*a*NULL*k*NULL*o*NULL*\View]
@Security="Inherited"
"Data"=hex:04,16,00,47,28,14,14,14,0d,01,02,01,00,18,41,00,0d,00,fa,08,00,00,\
90,90,0d,00,fa,08,00,00,90,90,0d,00,fa,08,00,00,90,90,0d,00,fa,08,00,00,90,\
90,0d,00,fa,08,00,00,90,90,0d,00,fa,08,00,00,90,90,0d,00,fa,20,00,00,90,90,\
0d,00,fa,08,00,00,90,90,0d,00,fa,08,00,00,90,90,0d,00,fa,04,00,0c,51,00,0d,\
00,18,04,00,0c,52,00,0d,00,10,40,00,08,42,00,0d,00,08,20,00,08,21,00,0d,00,\
fa,20,00,00,90,90,0d,00,fa,01,00,00,90,90,0d,00,fa,20,00,00,90,90,0d,00,fa,\
20,00,00,90,04,0d,00,fa,20,00,00,90,90,0d,00,fa,04,00,00,90,90,0d,00,fa,01,\
00,00,90,90,0d,00,fa,08,00,00,90,90

[HKEY_USERS\S-1-5-21-839522115-287218729-2147104195-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu\Programs\P*NULL*r*NULL*í*NULL*s*NULL*l*NULL*u*NULL*ae*NULL*n*NULL*s*NULL*t*NULL*v*NULL*o*NULL*]
@Security="Inherited"
"Order"=hex:08,00,00,00,02,00,00,00,10,09,00,00,01,00,00,00,0e,00,00,00,8e,00,\
00,00,00,00,00,00,80,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6e,00,31,\
00,00,00,00,00,94,39,3d,19,11,00,43,4f,4d,4d,55,4e,7e,31,00,00,48,00,03,00,\
04,00,ef,be,94,39,ad,18,94,39,1d,22,14,00,32,00,43,00,6f,00,6d,00,6d,00,75,\
00,6e,00,69,00,63,00,61,00,74,00,69,00,6f,00,6e,00,73,00,00,00,40,73,68,65,\
6c,6c,33,32,2e,64,6c,6c,2c,2d,32,31,37,36,38,00,18,00,0e,00,00,00,0a,00,ef,\
be,01,00,00,00,18,00,00,00,00,00,00,00,00,00,8a,00,00,00,01,00,00,00,7c,00,\
00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6a,00,31,00,00,00,00,00,94,39,76,\
19,11,00,53,59,53,54,45,4d,7e,31,00,00,44,00,03,00,04,00,ef,be,94,39,e5,18,\
94,39,1d,22,14,00,2e,00,53,00,79,00,73,00,74,00,65,00,6d,00,20,00,54,00,6f,\
00,6f,00,6c,00,73,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,31,\
37,38,38,00,18,00,0e,00,00,00,0a,00,ef,be,01,00,00,00,18,00,00,00,00,00,00,\
00,00,00,f4,00,00,00,02,00,00,00,e6,00,00,00,41,75,67,4d,02,00,00,00,02,00,\
00,00,6c,00,31,00,00,00,00,00,94,39,f1,1a,11,00,45,4e,54,45,52,54,7e,31,00,\
00,46,00,03,00,04,00,ef,be,94,39,ee,1a,94,39,59,23,14,00,30,00,45,00,6e,00,\
74,00,65,00,72,00,74,00,61,00,69,00,6e,00,6d,00,65,00,6e,00,74,00,00,00,40,\
73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,31,37,37,32,00,18,00,0e,00,00,00,\
0a,00,ef,be,00,00,00,00,18,00,00,00,66,00,31,00,00,00,00,00,94,39,e5,18,11,\
00,45,4e,54,45,52,54,7e,31,00,00,32,00,03,00,04,00,ef,be,94,39,e5,18,94,39,\
1d,22,14,00,00,00,45,00,6e,00,74,00,65,00,72,00,74,00,61,00,69,00,6e,00,6d,\
00,65,00,6e,00,74,00,00,00,18,00,0e,00,00,00,00,00,ef,be,01,00,00,00,18,00,\
0e,00,00,00,0a,00,ef,be,01,00,00,00,18,00,00,00,00,00,00,00,00,00,f4,00,00,\
00,03,00,00,00,e6,00,00,00,41,75,67,4d,02,00,00,00,02,00,00,00,6c,00,31,00,\
00,00,00,00,94,39,3d,19,11,00,41,43,43,45,53,53,7e,31,00,00,46,00,03,00,04,\
00,ef,be,94,39,ee,1a,94,39,59,23,14,00,30,00,41,00,63,00,63,00,65,00,73,00,\
73,00,69,00,62,00,69,00,6c,00,69,00,74,00,79,00,00,00,40,73,68,65,6c,6c,33,\
32,2e,64,6c,6c,2c,2d,32,31,37,36,30,00,18,00,0e,00,00,00,0a,00,ef,be,00,00,\
00,00,18,00,00,00,66,00,31,00,00,00,00,00,94,39,e5,18,11,00,41,43,43,45,53,\
53,7e,31,00,00,32,00,03,00,04,00,ef,be,94,39,e5,18,94,39,1d,22,14,00,00,00,\
41,00,63,00,63,00,65,00,73,00,73,00,69,00,62,00,69,00,6c,00,69,00,74,00,79,\
00,00,00,18,00,0e,00,00,00,00,00,ef,be,01,00,00,00,18,00,0e,00,00,00,0a,00,\
ef,be,01,00,00,00,18,00,00,00,00,00,00,00,00,00,96,00,00,00,04,00,00,00,88,\
00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,76,00,32,00,06,03,00,00,94,39,\
f1,1a,20,00,41,44,44,52,45,53,7e,31,2e,4c,4e,4b,00,00,4c,00,03,00,04,00,ef,\
be,94,39,f1,1a,94,39,f1,1a,14,00,36,00,41,00,64,00,64,00,72,00,65,00,73,00,\
73,00,20,00,42,00,6f,00,6f,00,6b,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,\
65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,31,37,00,1c,00,0e,00,00,00,0a,00,\
ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,92,00,00,00,05,00,00,00,84,\
00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,72,00,32,00,da,05,00,00,94,39,\
e5,18,20,00,43,41,4c,43,55,4c,7e,31,2e,4c,4e,4b,00,00,48,00,03,00,04,00,ef,\
be,94,39,e5,18,94,39,e5,18,14,00,32,00,43,00,61,00,6c,00,63,00,75,00,6c,00,\
61,00,74,00,6f,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,\
32,2e,64,6c,6c,2c,2d,32,32,30,31,39,00,1c,00,0e,00,00,00,0a,00,ef,be,01,00,\
00,00,1c,00,00,00,00,00,00,00,00,00,8a,00,00,00,06,00,00,00,7c,00,00,00,41,\
75,67,4d,02,00,00,00,01,00,00,00,6a,00,32,00,ef,05,00,00,94,39,3d,19,20,00,\
4e,6f,74,65,70,61,64,2e,6c,6e,6b,00,42,00,03,00,04,00,ef,be,94,39,ee,1a,94,\
39,ee,1a,14,00,2c,00,4e,00,6f,00,74,00,65,00,70,00,61,00,64,00,2e,00,6c,00,\
6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,35,31,\
00,1a,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1a,00,00,00,00,00,00,00,00,00,\
9e,00,00,00,07,00,00,00,90,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,7e,\
00,32,00,cf,05,00,00,94,39,1d,19,20,00,57,49,4e,44,4f,57,7e,31,2e,4c,4e,4b,\
00,00,54,00,03,00,04,00,ef,be,94,39,ee,1a,94,39,ee,1a,14,00,3e,00,57,00,69,\
00,6e,00,64,00,6f,00,77,00,73,00,20,00,45,00,78,00,70,00,6c,00,6f,00,72,00,\
65,00,72,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,\
6c,2c,2d,32,32,30,36,37,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,00,00,1c,00,\
00,00,00,00,00,00,00,00,9a,00,00,00,08,00,00,00,8c,00,00,00,41,75,67,4d,02,\
00,00,00,01,00,00,00,7a,00,32,00,13,06,00,00,94,39,3d,19,20,00,43,4f,4d,4d,\
41,4e,7e,31,2e,4c,4e,4b,00,00,50,00,03,00,04,00,ef,be,94,39,ee,1a,94,39,ee,\
1a,14,00,3a,00,43,00,6f,00,6d,00,6d,00,61,00,6e,00,64,00,20,00,50,00,72,00,\
6f,00,6d,00,70,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,\
32,2e,64,6c,6c,2c,2d,32,32,30,32,32,00,1c,00,0e,00,00,00,0a,00,ef,be,00,00,\
00,00,1c,00,00,00,00,00,00,00,00,00,84,00,00,00,09,00,00,00,76,00,00,00,41,\
75,67,4d,02,00,00,00,01,00,00,00,64,00,32,00,eb,05,00,00,94,39,e5,18,20,00,\
50,61,69,6e,74,2e,6c,6e,6b,00,3e,00,03,00,04,00,ef,be,94,39,e5,18,94,39,e5,\
18,14,00,28,00,50,00,61,00,69,00,6e,00,74,00,2e,00,6c,00,6e,00,6b,00,00,00,\
40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,35,34,00,18,00,0e,00,00,\
00,0a,00,ef,be,01,00,00,00,18,00,00,00,00,00,00,00,00,00,ca,00,00,00,0a,00,\
00,00,bc,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,aa,00,32,00,82,01,00,\
00,94,39,3d,19,20,00,50,52,4f,47,52,41,7e,31,2e,4c,4e,4b,00,00,80,00,03,00,\
04,00,ef,be,94,39,ee,1a,94,39,ee,1a,14,00,56,00,50,00,72,00,6f,00,67,00,72,\
00,61,00,6d,00,20,00,43,00,6f,00,6d,00,70,00,61,00,74,00,69,00,62,00,69,00,\
6c,00,69,00,74,00,79,00,20,00,57,00,69,00,7a,00,61,00,72,00,64,00,2e,00,6c,\
00,6e,00,6b,00,00,00,40,43,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,\
33,32,5c,63,6f,6d,70,61,74,55,49,2e,64,6c,6c,2c,2d,31,31,35,00,00,1c,00,0e,\
00,00,00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,94,00,00,00,\
0b,00,00,00,86,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,74,00,32,00,ef,\
05,00,00,94,39,3d,19,20,00,53,59,4e,43,48,52,7e,31,2e,4c,4e,4b,00,00,4a,00,\
03,00,04,00,ef,be,94,39,ee,1a,94,39,ee,1a,14,00,34,00,53,00,79,00,6e,00,63,\
00,68,00,72,00,6f,00,6e,00,69,00,7a,00,65,00,2e,00,6c,00,6e,00,6b,00,00,00,\
40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,2d,32,32,30,36,32,00,1c,00,0e,00,00,\
00,0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,ae,00,00,00,0c,00,\
00,00,a0,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,8e,00,32,00,f7,05,00,\
00,94,39,3d,19,20,00,54,4f,55,52,57,49,7e,31,2e,4c,4e,4b,00,00,64,00,03,00,\
04,00,ef,be,94,39,ee,1a,94,39,ee,1a,14,00,3c,00,54,00,6f,00,75,00,72,00,20,\
00,57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,58,00,50,00,2e,00,6c,00,\
6e,00,6b,00,00,00,40,43,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,\
32,5c,74,6f,75,72,73,74,61,72,74,2e,65,78,65,2c,2d,31,00,1c,00,0e,00,00,00,\
0a,00,ef,be,00,00,00,00,1c,00,00,00,00,00,00,00,00,00,8a,00,00,00,0d,00,00,\
00,7c,00,00,00,41,75,67,4d,02,00,00,00,01,00,00,00,6a,00,32,00,6f,03,00,00,\
94,39,e5,18,20,00,57,6f,72,64,50,61,64,2e,6c,6e,6b,00,42,00,03,00,04,00,ef,\
be,94,39,e5,18,94,39,e5,18,14,00,2c,00,57,00,6f,00,72,00,64,00,50,00,61,00,\
64,00,2e,00,6c,00,6e,00,6b,00,00,00,40,73,68,65,6c,6c,33,32,2e,64,6c,6c,2c,\
2d,32,32,30,36,39,00,1a,00,0e,00,00,00,0a,00,ef,be,01,00,00,00,1a,00,00,00,\
00,00,00,00,00,00

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}]
@Owner=S-1-5-21-839522115-287218729-2147104195-1003
@Denied: (A 2) (Everyone)
@Denied: (A 2) (S-1-5-7)
@="FlashProp Class"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\InprocServer32]
@Owner=S-1-5-21-839522115-287218729-2147104195-1003
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\Flash6.ocx"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{1171A62F-05D2-11D1-83FC-00A0C9089C5A}\Programmable]
@Owner=S-1-5-21-839522115-287218729-2147104195-1003

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\O*NULL*t*NULL*v*NULL*o*NULL*r*NULL*i*NULL*e *NULL*C*NULL*C*NULL*l*NULL*e*NULL*a*NULL*n*NULL*e*NULL*r*NULL*]
@Security="Inherited"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\O*NULL*t*NULL*v*NULL*o*NULL*r*NULL*i*NULL*e *NULL*C*NULL*C*NULL*l*NULL*e*NULL*a*NULL*n*NULL*e*NULL*r*NULL*\command]
@Security="Inherited"
@="d:\\Program Files\\CCleaner\\ccleaner.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\S*NULL*p*NULL*u*NULL*s*NULL*t*NULL*i*NULL*e *NULL*C*NULL*C*NULL*l*NULL*e*NULL*a*NULL*n*NULL*e*NULL*r*NULL*]
@Security="Inherited"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\S*NULL*p*NULL*u*NULL*s*NULL*t*NULL*i*NULL*e *NULL*C*NULL*C*NULL*l*NULL*e*NULL*a*NULL*n*NULL*e*NULL*r*NULL*\command]
@Security="Inherited"
@="d:\\Program Files\\CCleaner\\ccleaner.exe /AUTO"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\MediaProperties\PrivateProperties\Midi\Ports\M*NULL*a*NULL*p*NULL*o*NULL*v*NULL*a*NULL*T *NULL*M*NULL*I*NULL*D*NULL*I*NULL* *NULL*[*NULL*E*NULL*m*NULL*u*NULL*l*NULL*a*NULL*t*NULL*e*NULL*d*NULL*]*NULL*]
@Security="Inherited"

[HKEY_LOCAL_MACHINE\System\ControlSet001\Control\MediaProperties\PrivateProperties\Midi\Ports\M*NULL*a*NULL*p*NULL*o*NULL*v*NULL*a*NULL*T *NULL*M*NULL*I*NULL*D*NULL*I*NULL* *NULL*[*NULL*E*NULL*m*NULL*u*NULL*l*NULL*a*NULL*t*NULL*e*NULL*d*NULL*]*NULL*\Out]
@Security="Inherited"
"DMPortGUID"=hex:cc,25,94,b8,69,00,ca,41,b6,94,e2,8a,c3,24,c7,15
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(764)
d:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\avldr.dll
.
------------------------ Other Running Processes ------------------------
.
d:\program files\Panda Security\Panda Antivirus 2008\PAVSRV51.EXE
d:\program files\Panda Security\Panda Antivirus 2008\AVENGINE.EXE
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
d:\program files\Panda Security\Panda Antivirus 2008\PsCtrlS.exe
c:\program files\Common Files\Panda Software\PavShld\PavPrSrv.exe
c:\windows\system32\HPZipm12.exe
c:\windows\system32\PnkBstrA.exe
d:\program files\Panda Security\Panda Antivirus 2008\PsImSvc.exe
d:\program files\Panda Security\Panda Antivirus 2008\WebProxy.exe
.
**************************************************************************
.
Completion time: 2008-12-31 11:58:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-31 10:58:43
ComboFix2.txt 2008-12-30 20:30:23
ComboFix3.txt 2008-12-30 19:22:50
ComboFix4.txt 2008-12-30 18:55:20

Pre-Run: 12 674 101 248 bytes free
Post-Run: 11 adresárov, 12,662,583,296 voľných bajtov

416

Kosak · Napísal **Kosak**: 31.12.2008 13:23

Na www.virustotal.com otestuj zatial tento subor:

c:\windows\system32\dvmurl.dll

vladko3007 · Napísal autor témy **vladko3007**: 31.12.2008 14:28

toto mi vyskocilo pri kontrole

File ll.txt received on 12.31.2008 14:24:04 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/39 (0%)
Loading server information...
Your file is queued in position: 2.
Estimated start time is between 46 and 66 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
a-squared 4.0.0.73 2008.12.31 -
AhnLab-V3 2008.12.31.0 2008.12.31 -
AntiVir 7.9.0.45 2008.12.31 -
Authentium 5.1.0.4 2008.12.30 -
Avast 4.8.1281.0 2008.12.30 -
AVG 8.0.0.199 2008.12.31 -
BitDefender 7.2 2008.12.31 -
CAT-QuickHeal 10.00 2008.12.31 -
ClamAV 0.94.1 2008.12.31 -
Comodo 854 2008.12.31 -
DrWeb 4.44.0.09170 2008.12.31 -
eSafe 7.0.17.0 2008.12.30 -
eTrust-Vet 31.6.6284 2008.12.31 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2008.12.30 -
F-Secure 8.0.14470.0 2008.12.31 -
Fortinet 3.117.0.0 2008.12.31 -
GData 19 2008.12.31 -
Ikarus T3.1.1.45.0 2008.12.31 -
K7AntiVirus 7.10.572 2008.12.31 -
Kaspersky 7.0.0.125 2008.12.31 -
McAfee 5479 2008.12.30 -
McAfee+Artemis 5479 2008.12.30 -
Microsoft 1.4205 2008.12.31 -
NOD32 3726 2008.12.31 -
Norman 5.80.02 2008.12.31 -
Panda 9.0.0.4 2008.12.31 -
PCTools 4.4.2.0 2008.12.31 -
Prevx1 V2 2008.12.31 -
Rising 21.10.22.00 2008.12.31 -
SecureWeb-Gateway 6.7.6 2008.12.31 -
Sophos 4.37.0 2008.12.31 -
Sunbelt 3.2.1809.2 2008.12.22 -
Symantec 10 2008.12.31 -
TheHacker 6.3.1.4.202 2008.12.30 -
TrendMicro 8.700.0.1004 2008.12.31 -
VBA32 3.12.8.10 2008.12.30 -
ViRobot 2008.12.30.1540 2008.12.31 -
VirusBuster 4.5.11.0 2008.12.30 -
Additional information
File size: 32 bytes
MD5...: de4144d68a2357625b026e68b3f20f08
SHA1..: 826d5ed0bf9350fe8bdd64945997e803cc5a0236
SHA256: a9e8c4019d5f76560dac5f193ae234909c818d2e7c62538458885ba478a67f63
SHA512: 7ba1f83a52bb38c825699c252478d50d81a21ff6cba5b84993b9a7e3f20e7d95
bb719933f02e48d5a52009a0190d6ff90d48ba23336fe240d39c22e335c8bc44
ssdeep: 3:I5SMAWAIKNYn:IBQNYn
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -

uUsErR · Napísal **uUsErR**: 03.01.2009 13:04

Ahoj, zopakuj sken súboru, myslím si že pri ňom nastala chyba a hoď to sem znova...

vladko3007 · Napísal autor témy **vladko3007**: 04.01.2009 14:39

Toto mi vyskocilo mozno nieco zle robim

File 444.txt received on 01.04.2009 14:36:13 (CET)

Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED
Result: 0/37 (0%)
Loading server information...
Your file is queued in position: 2.
Estimated start time is between 46 and 66 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Compact
Print results Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:

Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.04 -
AhnLab-V3 2008.12.31.0 2009.01.03 -
AntiVir 7.9.0.45 2009.01.04 -
Authentium 5.1.0.4 2009.01.03 -
Avast 4.8.1281.0 2009.01.04 -
AVG 8.0.0.199 2009.01.03 -
BitDefender 7.2 2009.01.04 -
CAT-QuickHeal 10.00 2009.01.03 -
ClamAV 0.94.1 2009.01.04 -
Comodo 874 2009.01.04 -
DrWeb 4.44.0.09170 2009.01.04 -
eTrust-Vet 31.6.6289 2009.01.02 -
Ewido 4.0 2008.12.31 -
F-Prot 4.4.4.56 2009.01.03 -
F-Secure 8.0.14470.0 2009.01.04 -
Fortinet 3.117.0.0 2009.01.04 -
GData 19 2009.01.04 -
Ikarus T3.1.1.45.0 2009.01.03 -
K7AntiVirus 7.10.575 2009.01.03 -
Kaspersky 7.0.0.125 2009.01.04 -
McAfee 5483 2009.01.03 -
McAfee+Artemis 5483 2009.01.03 -
Microsoft 1.4205 2009.01.04 -
NOD32 3735 2009.01.04 -
Norman 5.80.02 2009.01.02 -
Panda 9.0.0.4 2009.01.04 -
PCTools 4.4.2.0 2009.01.04 -
Prevx1 V2 2009.01.04 -
Rising 21.10.62.00 2009.01.04 -
SecureWeb-Gateway 6.7.6 2009.01.04 -
Sophos 4.37.0 2009.01.04 -
Sunbelt 3.2.1809.2 2008.12.22 -
TheHacker 6.3.1.4.204 2009.01.02 -
TrendMicro 8.700.0.1004 2009.01.04 -
VBA32 3.12.8.10 2009.01.03 -
ViRobot 2009.1.3.1541 2009.01.03 -
VirusBuster 4.5.11.0 2009.01.03 -
Additional information
File size: 30 bytes
MD5...: da3be828b6aca9cdbbac185a846f739e
SHA1..: 86a1d125f9d644ebbacc7cb727ab6515c3d94e95
SHA256: f100acf404dcf170fdea11d3c05f2a812eeef0053fa87c51862bb1eca7aeca23
SHA512: f4f2c0be3ddbec8a21b5005896922d47fd79e345c4c0d6252622f4eb33e47af0
761f320897481b7f823c1c2decd88199035ab5e9ca7b1bfe75a2a93bc767ecc8
ssdeep: 3:I5SMAWAIKNJ:IBQNJ
PEiD..: -
TrID..: File type identification
Unknown!
PEInfo: -

ATENTION ATTENTION: VirusTotal is a free service offered by Hispasec Sistemas. There are no guarantees about the availability and continuity of this service. Although the detection rate afforded by the use of multiple antivirus engines is far superior to that offered by just one product, these results DO NOT guarantee the harmlessness of a file. Currently, there is not any solution that offers a 100% effectiveness rate for detecting viruses and malware.

Kosak · Napísal **Kosak**: 05.01.2009 21:02

Hmm, môžeš skúsiť ešte pastnuť log z niektorého antirootkitu (Rootkit Unhooker, Rootkit Revealer a pod.).

vladko3007 · Napísal autor témy **vladko3007**: 05.01.2009 21:30

To su programy alebo co to je?

uUsErR · Napísal **uUsErR**: 07.01.2009 16:10

Ahoj, skús GMER /program proti rootkitom/

vladko3007 · Napísal autor témy **vladko3007**: 07.02.2009 11:54

uz som nato prisiel co to robilo bola to aktualizacia sp3 toto robilo problem mozte lock.

A este sa chcem spytat potreboval bi som antivirak do pc ktory nieje pripojeny na net aby ho netrebalo aktualizovat.Je to stara sunka pentium2

KingTommy · Napísal **KingTommy**: 18.04.2009 15:03

Zdravím, vedeli by ste mi povedať čo je zač BDS/Agent.ZNC? Dík. Je to vírus?

Kosak · Napísal **Kosak**: 18.04.2009 16:07

Podľa mena pôjde o backdoor.

KingTommy · Napísal **KingTommy**: 18.04.2009 17:50

No a to je dobré alebo zlé ak ho mám v PC. :oops:

Linux · Napísal **Linux**: 18.04.2009 20:11

tak zadné vrátka sa ti môžu niekedy hodiť

ale nie teraz na rovinu...zbav sa to a sakra rýchlo...

KingTommy · Napísal **KingTommy**: 18.04.2009 20:50

A je preč ale žiaľ aj s celým image-om, nakoľko odtiaľ nešiel "vybrať".

Čo už.

Mozno virus

Podobné témy